@cdk8s/awscdk-resolver 0.0.95 → 0.0.96

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/commands/CreateTokenWithIAMCommand.d.ts

@@ -0,0 +1,244 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { CreateTokenWithIAMRequest, CreateTokenWithIAMResponse } from "../models/models_0";
+import { ServiceInputTypes, ServiceOutputTypes, SSOOIDCClientResolvedConfig } from "../SSOOIDCClient";
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link CreateTokenWithIAMCommand}.
+ */
+export interface CreateTokenWithIAMCommandInput extends CreateTokenWithIAMRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link CreateTokenWithIAMCommand}.
+ */
+export interface CreateTokenWithIAMCommandOutput extends CreateTokenWithIAMResponse, __MetadataBearer {
+}
+declare const CreateTokenWithIAMCommand_base: {
+    new (input: CreateTokenWithIAMCommandInput): import("@smithy/smithy-client").CommandImpl<CreateTokenWithIAMCommandInput, CreateTokenWithIAMCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (__0_0: CreateTokenWithIAMCommandInput): import("@smithy/smithy-client").CommandImpl<CreateTokenWithIAMCommandInput, CreateTokenWithIAMCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Creates and returns access and refresh tokens for clients and applications that are
+ *       authenticated using IAM entities. The access token can be used to fetch short-term credentials
+ *       for the assigned AWS accounts or to access application APIs using <code>bearer</code>
+ *       authentication.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { SSOOIDCClient, CreateTokenWithIAMCommand } from "@aws-sdk/client-sso-oidc"; // ES Modules import
+ * // const { SSOOIDCClient, CreateTokenWithIAMCommand } = require("@aws-sdk/client-sso-oidc"); // CommonJS import
+ * const client = new SSOOIDCClient(config);
+ * const input = { // CreateTokenWithIAMRequest
+ *   clientId: "STRING_VALUE", // required
+ *   grantType: "STRING_VALUE", // required
+ *   code: "STRING_VALUE",
+ *   refreshToken: "STRING_VALUE",
+ *   assertion: "STRING_VALUE",
+ *   scope: [ // Scopes
+ *     "STRING_VALUE",
+ *   ],
+ *   redirectUri: "STRING_VALUE",
+ *   subjectToken: "STRING_VALUE",
+ *   subjectTokenType: "STRING_VALUE",
+ *   requestedTokenType: "STRING_VALUE",
+ * };
+ * const command = new CreateTokenWithIAMCommand(input);
+ * const response = await client.send(command);
+ * // { // CreateTokenWithIAMResponse
+ * //   accessToken: "STRING_VALUE",
+ * //   tokenType: "STRING_VALUE",
+ * //   expiresIn: Number("int"),
+ * //   refreshToken: "STRING_VALUE",
+ * //   idToken: "STRING_VALUE",
+ * //   issuedTokenType: "STRING_VALUE",
+ * //   scope: [ // Scopes
+ * //     "STRING_VALUE",
+ * //   ],
+ * // };
+ *
+ * ```
+ *
+ * @param CreateTokenWithIAMCommandInput - {@link CreateTokenWithIAMCommandInput}
+ * @returns {@link CreateTokenWithIAMCommandOutput}
+ * @see {@link CreateTokenWithIAMCommandInput} for command's `input` shape.
+ * @see {@link CreateTokenWithIAMCommandOutput} for command's `response` shape.
+ * @see {@link SSOOIDCClientResolvedConfig | config} for SSOOIDCClient's `config` shape.
+ *
+ * @throws {@link AccessDeniedException} (client fault)
+ *  <p>You do not have sufficient access to perform this action.</p>
+ *
+ * @throws {@link AuthorizationPendingException} (client fault)
+ *  <p>Indicates that a request to authorize a client with an access user session token is
+ *       pending.</p>
+ *
+ * @throws {@link ExpiredTokenException} (client fault)
+ *  <p>Indicates that the token issued by the service is expired and is no longer valid.</p>
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Indicates that an error from the service occurred while trying to process a
+ *       request.</p>
+ *
+ * @throws {@link InvalidClientException} (client fault)
+ *  <p>Indicates that the <code>clientId</code> or <code>clientSecret</code> in the request is
+ *       invalid. For example, this can occur when a client sends an incorrect <code>clientId</code> or
+ *       an expired <code>clientSecret</code>.</p>
+ *
+ * @throws {@link InvalidGrantException} (client fault)
+ *  <p>Indicates that a request contains an invalid grant. This can occur if a client makes a
+ *         <a>CreateToken</a> request with an invalid grant type.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>Indicates that something is wrong with the input to the request. For example, a required
+ *       parameter might be missing or out of range.</p>
+ *
+ * @throws {@link InvalidRequestRegionException} (client fault)
+ *  <p>Indicates that a token provided as input to the request was issued by and is only usable
+ *       by calling IAM Identity Center endpoints in another region.</p>
+ *
+ * @throws {@link InvalidScopeException} (client fault)
+ *  <p>Indicates that the scope provided in the request is invalid.</p>
+ *
+ * @throws {@link SlowDownException} (client fault)
+ *  <p>Indicates that the client is making the request too frequently and is more than the
+ *       service can handle. </p>
+ *
+ * @throws {@link UnauthorizedClientException} (client fault)
+ *  <p>Indicates that the client is not currently authorized to make the request. This can happen
+ *       when a <code>clientId</code> is not issued for a public client.</p>
+ *
+ * @throws {@link UnsupportedGrantTypeException} (client fault)
+ *  <p>Indicates that the grant type in the request is not supported by the service.</p>
+ *
+ * @throws {@link SSOOIDCServiceException}
+ * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
+ *
+ * @public
+ * @example Call OAuth/OIDC /token endpoint for Authorization Code grant with IAM authentication
+ * ```javascript
+ * //
+ * const input = {
+ *   "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ *   "code": "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzg0In0EXAMPLEAUTHCODE",
+ *   "grantType": "authorization_code",
+ *   "redirectUri": "https://mywebapp.example/redirect",
+ *   "scope": [
+ *     "openid",
+ *     "aws",
+ *     "sts:identity_context"
+ *   ]
+ * };
+ * const command = new CreateTokenWithIAMCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   "expiresIn": 1579729529,
+ *   "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
+ *   "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
+ *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   "scope": [
+ *     "openid",
+ *     "aws",
+ *     "sts:identity_context"
+ *   ],
+ *   "tokenType": "Bearer"
+ * }
+ * *\/
+ * // example id: create-token-with-iam-for-auth-code
+ * ```
+ *
+ * @example Call OAuth/OIDC /token endpoint for Refresh Token grant with IAM authentication
+ * ```javascript
+ * //
+ * const input = {
+ *   "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ *   "grantType": "refresh_token",
+ *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN"
+ * };
+ * const command = new CreateTokenWithIAMCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   "expiresIn": 1579729529,
+ *   "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
+ *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   "scope": [
+ *     "openid",
+ *     "aws",
+ *     "sts:identity_context"
+ *   ],
+ *   "tokenType": "Bearer"
+ * }
+ * *\/
+ * // example id: create-token-with-iam-for-refresh-token
+ * ```
+ *
+ * @example Call OAuth/OIDC /token endpoint for JWT Bearer grant with IAM authentication
+ * ```javascript
+ * //
+ * const input = {
+ *   "assertion": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw",
+ *   "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ *   "grantType": "urn:ietf:params:oauth:grant-type:jwt-bearer"
+ * };
+ * const command = new CreateTokenWithIAMCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   "expiresIn": 1579729529,
+ *   "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
+ *   "issuedTokenType": "urn:ietf:params:oauth:token-type:refresh_token",
+ *   "refreshToken": "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
+ *   "scope": [
+ *     "openid",
+ *     "aws",
+ *     "sts:identity_context"
+ *   ],
+ *   "tokenType": "Bearer"
+ * }
+ * *\/
+ * // example id: create-token-with-iam-for-jwt-bearer
+ * ```
+ *
+ * @example Call OAuth/OIDC /token endpoint for Token Exchange grant with IAM authentication
+ * ```javascript
+ * //
+ * const input = {
+ *   "clientId": "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
+ *   "grantType": "urn:ietf:params:oauth:grant-type:token-exchange",
+ *   "requestedTokenType": "urn:ietf:params:oauth:token-type:access_token",
+ *   "subjectToken": "aoak-Hig8TUDPNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZDIFFERENTACCESSTOKEN",
+ *   "subjectTokenType": "urn:ietf:params:oauth:token-type:access_token"
+ * };
+ * const command = new CreateTokenWithIAMCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "accessToken": "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
+ *   "expiresIn": 1579729529,
+ *   "idToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.5SYiW1kMsuUr7nna-l5tlakM0GNbMHvIM2_n0QD23jM",
+ *   "issuedTokenType": "urn:ietf:params:oauth:token-type:access_token",
+ *   "scope": [
+ *     "openid",
+ *     "aws",
+ *     "sts:identity_context"
+ *   ],
+ *   "tokenType": "Bearer"
+ * }
+ * *\/
+ * // example id: create-token-with-iam-for-token-exchange
+ * ```
+ *
+ */
+export declare class CreateTokenWithIAMCommand extends CreateTokenWithIAMCommand_base {
+}

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/commands/RegisterClientCommand.d.ts

@@ -0,0 +1,108 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { RegisterClientRequest, RegisterClientResponse } from "../models/models_0";
+import { ServiceInputTypes, ServiceOutputTypes, SSOOIDCClientResolvedConfig } from "../SSOOIDCClient";
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link RegisterClientCommand}.
+ */
+export interface RegisterClientCommandInput extends RegisterClientRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link RegisterClientCommand}.
+ */
+export interface RegisterClientCommandOutput extends RegisterClientResponse, __MetadataBearer {
+}
+declare const RegisterClientCommand_base: {
+    new (input: RegisterClientCommandInput): import("@smithy/smithy-client").CommandImpl<RegisterClientCommandInput, RegisterClientCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (__0_0: RegisterClientCommandInput): import("@smithy/smithy-client").CommandImpl<RegisterClientCommandInput, RegisterClientCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Registers a client with IAM Identity Center. This allows clients to initiate device authorization.
+ *       The output should be persisted for reuse through many authentication requests.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { SSOOIDCClient, RegisterClientCommand } from "@aws-sdk/client-sso-oidc"; // ES Modules import
+ * // const { SSOOIDCClient, RegisterClientCommand } = require("@aws-sdk/client-sso-oidc"); // CommonJS import
+ * const client = new SSOOIDCClient(config);
+ * const input = { // RegisterClientRequest
+ *   clientName: "STRING_VALUE", // required
+ *   clientType: "STRING_VALUE", // required
+ *   scopes: [ // Scopes
+ *     "STRING_VALUE",
+ *   ],
+ * };
+ * const command = new RegisterClientCommand(input);
+ * const response = await client.send(command);
+ * // { // RegisterClientResponse
+ * //   clientId: "STRING_VALUE",
+ * //   clientSecret: "STRING_VALUE",
+ * //   clientIdIssuedAt: Number("long"),
+ * //   clientSecretExpiresAt: Number("long"),
+ * //   authorizationEndpoint: "STRING_VALUE",
+ * //   tokenEndpoint: "STRING_VALUE",
+ * // };
+ *
+ * ```
+ *
+ * @param RegisterClientCommandInput - {@link RegisterClientCommandInput}
+ * @returns {@link RegisterClientCommandOutput}
+ * @see {@link RegisterClientCommandInput} for command's `input` shape.
+ * @see {@link RegisterClientCommandOutput} for command's `response` shape.
+ * @see {@link SSOOIDCClientResolvedConfig | config} for SSOOIDCClient's `config` shape.
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Indicates that an error from the service occurred while trying to process a
+ *       request.</p>
+ *
+ * @throws {@link InvalidClientMetadataException} (client fault)
+ *  <p>Indicates that the client information sent in the request during registration is
+ *       invalid.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>Indicates that something is wrong with the input to the request. For example, a required
+ *       parameter might be missing or out of range.</p>
+ *
+ * @throws {@link InvalidScopeException} (client fault)
+ *  <p>Indicates that the scope provided in the request is invalid.</p>
+ *
+ * @throws {@link SSOOIDCServiceException}
+ * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
+ *
+ * @public
+ * @example Call OAuth/OIDC /register-client endpoint
+ * ```javascript
+ * //
+ * const input = {
+ *   "clientName": "My IDE Plugin",
+ *   "clientType": "public",
+ *   "scopes": [
+ *     "sso:account:access",
+ *     "codewhisperer:completions"
+ *   ]
+ * };
+ * const command = new RegisterClientCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "clientId": "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   "clientIdIssuedAt": 1579725929,
+ *   "clientSecret": "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   "clientSecretExpiresAt": 1587584729
+ * }
+ * *\/
+ * // example id: register-client
+ * ```
+ *
+ */
+export declare class RegisterClientCommand extends RegisterClientCommand_base {
+}

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/commands/StartDeviceAuthorizationCommand.d.ts

@@ -0,0 +1,111 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { StartDeviceAuthorizationRequest, StartDeviceAuthorizationResponse } from "../models/models_0";
+import { ServiceInputTypes, ServiceOutputTypes, SSOOIDCClientResolvedConfig } from "../SSOOIDCClient";
+/**
+ * @public
+ */
+export { __MetadataBearer, $Command };
+/**
+ * @public
+ *
+ * The input for {@link StartDeviceAuthorizationCommand}.
+ */
+export interface StartDeviceAuthorizationCommandInput extends StartDeviceAuthorizationRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link StartDeviceAuthorizationCommand}.
+ */
+export interface StartDeviceAuthorizationCommandOutput extends StartDeviceAuthorizationResponse, __MetadataBearer {
+}
+declare const StartDeviceAuthorizationCommand_base: {
+    new (input: StartDeviceAuthorizationCommandInput): import("@smithy/smithy-client").CommandImpl<StartDeviceAuthorizationCommandInput, StartDeviceAuthorizationCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (__0_0: StartDeviceAuthorizationCommandInput): import("@smithy/smithy-client").CommandImpl<StartDeviceAuthorizationCommandInput, StartDeviceAuthorizationCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Initiates device authorization by requesting a pair of verification codes from the
+ *       authorization service.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { SSOOIDCClient, StartDeviceAuthorizationCommand } from "@aws-sdk/client-sso-oidc"; // ES Modules import
+ * // const { SSOOIDCClient, StartDeviceAuthorizationCommand } = require("@aws-sdk/client-sso-oidc"); // CommonJS import
+ * const client = new SSOOIDCClient(config);
+ * const input = { // StartDeviceAuthorizationRequest
+ *   clientId: "STRING_VALUE", // required
+ *   clientSecret: "STRING_VALUE", // required
+ *   startUrl: "STRING_VALUE", // required
+ * };
+ * const command = new StartDeviceAuthorizationCommand(input);
+ * const response = await client.send(command);
+ * // { // StartDeviceAuthorizationResponse
+ * //   deviceCode: "STRING_VALUE",
+ * //   userCode: "STRING_VALUE",
+ * //   verificationUri: "STRING_VALUE",
+ * //   verificationUriComplete: "STRING_VALUE",
+ * //   expiresIn: Number("int"),
+ * //   interval: Number("int"),
+ * // };
+ *
+ * ```
+ *
+ * @param StartDeviceAuthorizationCommandInput - {@link StartDeviceAuthorizationCommandInput}
+ * @returns {@link StartDeviceAuthorizationCommandOutput}
+ * @see {@link StartDeviceAuthorizationCommandInput} for command's `input` shape.
+ * @see {@link StartDeviceAuthorizationCommandOutput} for command's `response` shape.
+ * @see {@link SSOOIDCClientResolvedConfig | config} for SSOOIDCClient's `config` shape.
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Indicates that an error from the service occurred while trying to process a
+ *       request.</p>
+ *
+ * @throws {@link InvalidClientException} (client fault)
+ *  <p>Indicates that the <code>clientId</code> or <code>clientSecret</code> in the request is
+ *       invalid. For example, this can occur when a client sends an incorrect <code>clientId</code> or
+ *       an expired <code>clientSecret</code>.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>Indicates that something is wrong with the input to the request. For example, a required
+ *       parameter might be missing or out of range.</p>
+ *
+ * @throws {@link SlowDownException} (client fault)
+ *  <p>Indicates that the client is making the request too frequently and is more than the
+ *       service can handle. </p>
+ *
+ * @throws {@link UnauthorizedClientException} (client fault)
+ *  <p>Indicates that the client is not currently authorized to make the request. This can happen
+ *       when a <code>clientId</code> is not issued for a public client.</p>
+ *
+ * @throws {@link SSOOIDCServiceException}
+ * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
+ *
+ * @public
+ * @example Call OAuth/OIDC /start-device-authorization endpoint
+ * ```javascript
+ * //
+ * const input = {
+ *   "clientId": "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   "clientSecret": "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   "startUrl": "https://identitycenter.amazonaws.com/ssoins-111111111111"
+ * };
+ * const command = new StartDeviceAuthorizationCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "deviceCode": "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
+ *   "expiresIn": 1579729529,
+ *   "interval": 1,
+ *   "userCode": "makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
+ *   "verificationUri": "https://device.sso.us-west-2.amazonaws.com",
+ *   "verificationUriComplete": "https://device.sso.us-west-2.amazonaws.com?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE"
+ * }
+ * *\/
+ * // example id: start-device-authorization
+ * ```
+ *
+ */
+export declare class StartDeviceAuthorizationCommand extends StartDeviceAuthorizationCommand_base {
+}

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/commands/index.d.ts

@@ -0,0 +1,4 @@
+export * from "./CreateTokenCommand";
+export * from "./CreateTokenWithIAMCommand";
+export * from "./RegisterClientCommand";
+export * from "./StartDeviceAuthorizationCommand";

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/endpoint/EndpointParameters.d.ts

@@ -0,0 +1,40 @@
+import { Endpoint, EndpointParameters as __EndpointParameters, EndpointV2, Provider } from "@smithy/types";
+/**
+ * @public
+ */
+export interface ClientInputEndpointParameters {
+    region?: string | Provider<string>;
+    useDualstackEndpoint?: boolean | Provider<boolean>;
+    useFipsEndpoint?: boolean | Provider<boolean>;
+    endpoint?: string | Provider<string> | Endpoint | Provider<Endpoint> | EndpointV2 | Provider<EndpointV2>;
+}
+export type ClientResolvedEndpointParameters = ClientInputEndpointParameters & {
+    defaultSigningName: string;
+};
+export declare const resolveClientEndpointParameters: <T>(options: T & ClientInputEndpointParameters) => T & ClientInputEndpointParameters & {
+    defaultSigningName: string;
+};
+export declare const commonParams: {
+    readonly UseFIPS: {
+        readonly type: "builtInParams";
+        readonly name: "useFipsEndpoint";
+    };
+    readonly Endpoint: {
+        readonly type: "builtInParams";
+        readonly name: "endpoint";
+    };
+    readonly Region: {
+        readonly type: "builtInParams";
+        readonly name: "region";
+    };
+    readonly UseDualStack: {
+        readonly type: "builtInParams";
+        readonly name: "useDualstackEndpoint";
+    };
+};
+export interface EndpointParameters extends __EndpointParameters {
+    Region?: string;
+    UseDualStack?: boolean;
+    UseFIPS?: boolean;
+    Endpoint?: string;
+}

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/endpoint/endpointResolver.d.ts

@@ -0,0 +1,5 @@
+import { EndpointV2, Logger } from "@smithy/types";
+import { EndpointParameters } from "./EndpointParameters";
+export declare const defaultEndpointResolver: (endpointParams: EndpointParameters, context?: {
+    logger?: Logger;
+}) => EndpointV2;

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/endpoint/ruleset.d.ts

@@ -0,0 +1,2 @@
+import { RuleSetObject } from "@smithy/types";
+export declare const ruleSet: RuleSetObject;

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/extensionConfiguration.d.ts

@@ -0,0 +1,9 @@
+import { AwsRegionExtensionConfiguration } from "@aws-sdk/types";
+import { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http";
+import { DefaultExtensionConfiguration } from "@smithy/types";
+import { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration";
+/**
+ * @internal
+ */
+export interface SSOOIDCExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration, HttpAuthExtensionConfiguration {
+}

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/index.d.ts

@@ -0,0 +1,50 @@
+/**
+ * <p>IAM Identity Center OpenID Connect (OIDC) is a web service that enables a client (such as CLI
+ *       or a native application) to register with IAM Identity Center. The service also enables the client to
+ *       fetch the user’s access token upon successful authentication and authorization with
+ *       IAM Identity Center.</p>
+ *          <note>
+ *             <p>IAM Identity Center uses the <code>sso</code> and <code>identitystore</code> API namespaces.</p>
+ *          </note>
+ *          <p>
+ *             <b>Considerations for Using This Guide</b>
+ *          </p>
+ *          <p>Before you begin using this guide, we recommend that you first review the following
+ *       important information about how the IAM Identity Center OIDC service works.</p>
+ *          <ul>
+ *             <li>
+ *                <p>The IAM Identity Center OIDC service currently implements only the portions of the OAuth 2.0 Device
+ *           Authorization Grant standard (<a href="https://tools.ietf.org/html/rfc8628">https://tools.ietf.org/html/rfc8628</a>) that are necessary to enable single
+ *           sign-on authentication with the CLI. </p>
+ *             </li>
+ *             <li>
+ *                <p>With older versions of the CLI, the service only emits OIDC access tokens, so to
+ *           obtain a new token, users must explicitly re-authenticate. To access the OIDC flow that
+ *           supports token refresh and doesn’t require re-authentication, update to the latest CLI
+ *           version (1.27.10 for CLI V1 and 2.9.0 for CLI V2) with support for OIDC token refresh and
+ *           configurable IAM Identity Center session durations. For more information, see <a href="https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html">Configure Amazon Web Services access portal session duration </a>. </p>
+ *             </li>
+ *             <li>
+ *                <p>The access tokens provided by this service grant access to all Amazon Web Services account
+ *           entitlements assigned to an IAM Identity Center user, not just a particular application.</p>
+ *             </li>
+ *             <li>
+ *                <p>The documentation in this guide does not describe the mechanism to convert the access
+ *           token into Amazon Web Services Auth (“sigv4”) credentials for use with IAM-protected Amazon Web Services service
+ *           endpoints. For more information, see <a href="https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html">GetRoleCredentials</a> in the <i>IAM Identity Center Portal API Reference
+ *             Guide</i>.</p>
+ *             </li>
+ *          </ul>
+ *          <p>For general information about IAM Identity Center, see <a href="https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html">What is
+ *         IAM Identity Center?</a> in the <i>IAM Identity Center User Guide</i>.</p>
+ *
+ * @packageDocumentation
+ */
+export * from "./SSOOIDCClient";
+export * from "./SSOOIDC";
+export { ClientInputEndpointParameters } from "./endpoint/EndpointParameters";
+export { RuntimeExtension } from "./runtimeExtensions";
+export { SSOOIDCExtensionConfiguration } from "./extensionConfiguration";
+export * from "./commands";
+export * from "./models";
+export { SSOOIDCServiceException } from "./models/SSOOIDCServiceException";

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/models/SSOOIDCServiceException.d.ts

@@ -0,0 +1,13 @@
+import { ServiceException as __ServiceException, ServiceExceptionOptions as __ServiceExceptionOptions } from "@smithy/smithy-client";
+export { __ServiceException, __ServiceExceptionOptions };
+/**
+ * @public
+ *
+ * Base exception class for all service exceptions from SSOOIDC service.
+ */
+export declare class SSOOIDCServiceException extends __ServiceException {
+    /**
+     * @internal
+     */
+    constructor(options: __ServiceExceptionOptions);
+}

package/node_modules/@aws-sdk/client-sso-oidc/dist-types/models/index.d.ts

@@ -0,0 +1 @@
+export * from "./models_0";